Browse Prior Art Database

NHRP Support for Virtual Private Networks (RFC2735)

IP.com Disclosure Number: IPCOM000003331D
Original Publication Date: 1999-Dec-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 10 page(s) / 25K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Fox: AUTHOR [+2]

Abstract

The NBMA Next Hop Resolution Protocol (NHRP) is used to determine the NBMA subnetwork addresses of the "NBMA next hop" towards a public internetworking layer address (see [1]). This document describes the enhancements necessary to enable NHRP to perform the same function for private internetworking layer addresses available within the framework of a Virtual Private Network (VPN) service on a shared NBMA network.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 12% of the total text.

Network Working Group B. Fox

Request for Comments: 2735 Equipe Communications

Category: Standards Track B. Petri

Siemens AG

December 1999

NHRP Support for Virtual Private Networks

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

The NBMA Next Hop Resolution Protocol (NHRP) is used to determine the

NBMA subnetwork addresses of the "NBMA next hop" towards a public

internetworking layer address (see [1]). This document describes the

enhancements necessary to enable NHRP to perform the same function

for private internetworking layer addresses available within the

framework of a Virtual Private Network (VPN) service on a shared NBMA

network.

1. Introduction

NHRP is a public internetworking layer based resolution protocol.

There is an implicit understanding in [1] that a control message

applies to the public address space.

Service Providers of Virtual Private Network (VPN) services will

offer VPN participants specific service level agreements (SLA) which

may include, for example, dedicated routing functions and/or specific

QoS levels. A particularly important feature of a VPN service is the

ability to use a private address space which may overlap with the

address space of another VPN or the Public Internet. Therefore, such

an internetworking layer address only has meaning within the VPN in

which it exists. For this reason, it is necessary to identify the

VPN in which a particular internetworking layer address has meaning,

the "scope" of the internetworking layer address.

As VPNs are deployed on shared networks, NHRP may be used to resolve

a private VPN address to a shared NBMA network address. In order to

properly resolve a private VPN address, it is necessary for the NHRP

device to be able to identify the VPN in which the address has

meaning and determine resolution information based on that "scope".

As VPN services are added to an NBMA network using NHRP devices, it

may be necessary to support the service with legacy NHRP devices that

do not have VPN knowledge and so do not explicitly support VPNs.

This document describes requirements for "VPN-aware" NHRP entities to

support VPN services while communicating with both "VPN-aware" and

"non-VPN-aware" NHRP entities.

2. Overview of NHRP VPN Support

2.1 Terminology

The key words "MUST", "MUST NOT", "REQUIRE...